Search the Community

Showing results for tags 'login'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Welcome to ProcessWire
    • News & Announcements
    • Showcase
    • Wishlist & Roadmap
  • Community Support
    • Getting Started
    • Tutorials
    • FAQs
    • General Support
    • API & Templates
    • Modules/Plugins
    • Themes and Profiles
    • Multi-Language Support
    • Security
    • Jobs
  • Off Topic
    • Pub
    • Dev Talk

Product Groups

  • ProDrafts
  • ListerPro
  • ProFields
  • ProCache
  • Form Builder
  • Likes
  • ProDevTools
  • Custom Development

Categories

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 77 results

  1. Hey all, I am working on a website and I want to style the login page, but I'm a bit confused. I want either the existing login page styled in my own way using some CSS (I guess I prefer that) or I want to create a custom page with a form to login. (Which I could style too). I used the code from Ryan and Renobird posted here - which works great - but that doesn't replace the original login page. Is there a way to some sort of 'disable' the original login? I hope my question is clear and thanks in advance, matsn0w
  2. I would like to redirect users from a specific role group to a specific URL upon login. Any thought on how to accomplish this?
  3. Hi, I just moved PW to a new server and now I can't login because I am getting the error: "this request was aborted because it appears to be forged" when submitting the login form. I tried changing the password and username with the API... thinking this is session related? Any suggestions? Thanks in advance,
  4. Jonathan Sachse Mikkelsen

    Hi everyone I've hit an error i can't seem to find a solution for. I build this website (www.petervigh.com) last year with processwire, and this week this error started showing up when my client tried to login: Catchable fatal error: session_regenerate_id(): Failed to create(read) session ID: memcached (path: nfs01.cl2000.ams1.nl.leaseweb.net:11211) in /srv/psa03/petervigh.com/httpdocs/wire/core/Session.php on line 728 Recoverable Fatal Error: session_regenerate_id(): Failed to create(read) session ID: memcached (path: nfs01.cl2000.ams1.nl.leaseweb.net:11211) (line 728 of /srv/psa03/petervigh.com/httpdocs/wire/core/Session.php) The site has been up and running for many months and i have done no maintenance or updates on it since it went live and has been working flawless so far. I've had no luck with googling this error, and I've no idea how to go about this. This is my first time posting on this wonderful forum that has proven a very valuable source of troubleshooting since i started working with processwire a year ago. hope to receive some valuable tips and bear with me for my less than great knowledge of php in general Jonathan
  5. Hi everyone: I do not know if someone before using ProcessWire with AWS CloudFront, currently I have problems with the login, it does not work for any reason, when I check in the logs generated by ProcessWire, it only indicates This request was aborted because it appears to be forged. (in /wire/core/SessionCSRF.php line 190). I have allowed CloudFront to forward all headers, cookies and allow all methods (GET, POST, PUT). When I perform the same process from the ip server if it works or from the balancer.
  6. flydev

    OAuth2Login for ProcessWire A Module which give you ability to login an existing user using your favorite thrid-party OAuth2 provider (i.e. Facebook, GitHub, Google, LinkedIn, etc.).. You can login from the backend to the backend directly or render a form on the frontend and redirect the user to a choosen page. Built on top of ThePhpLeague OAuth2-Client lib. Registration is not handled by this module but planned. Howto Install Install the module following this procedure: - http://modules.processwire.com/modules/oauth2-login/ - https://github.com/flydev-fr/OAuth2Login Next step, in order to use a provider, you need to use Composer to install each provider ie: to install Google, open a terminal, go to your root directory of pw and type the following command-line: composer require league/oauth2-google Tested providers/packages : Google : league/oauth2-google Facebook: league/oauth2-facebook Github: league/oauth2-github LinkedIn: league/oauth2-linkedin More third-party providers are available there. You should be able to add a provider by simply adding it to the JSON config file. Howto Use It First (and for testing purpose), you should create a new user in ProcessWire that reflect your real OAuth2 account information. The important informations are, Last Name, First Name and Email. The module will compare existing users by firstname, lastname and email; If the user match the informations, then he is logged in. ie, if my Google fullname is John Wick, then in ProcessWire, I create a new user Wick-John with email johnwick@mydomain.com Next step, go to your favorite provider and create an app in order to get the ClientId and ClientSecret keys. Ask on the forum if you have difficulties getting there. Once you got the keys for a provider, just paste it into the module settings and save it. One or more button should appear bellow the standard login form. The final step is to make your JSON configuration file. In this sample, the JSON config include all tested providers, you can of course edit it to suit your needs : { "providers": { "google": { "className": "Google", "packageName": "league/oauth2-google", "helpUrl": "https://console.developers.google.com/apis/credentials" }, "facebook": { "className": "Facebook", "packageName": "league/oauth2-facebook", "helpUrl": "https://developers.facebook.com/apps/", "options": { "graphApiVersion": "v2.10", "scope": "email" } }, "github": { "className": "Github", "packageName": "league/oauth2-github", "helpUrl": "https://github.com/settings/developers", "options": { "scope": "user:email" } }, "linkedin": { "className": "LinkedIn", "packageName": "league/oauth2-linkedin", "helpUrl": "https://www.linkedin.com/secure/developer" } } } Backend Usage In ready.php, call the module : if($page->template == 'admin') { $oauth2mod = $modules->get('Oauth2Login'); if($oauth2mod) $oauth2mod->hookBackend(); } Frontend Usage Small note: At this moment the render method is pretty simple. It output a InputfieldForm with InputfieldSubmit(s) into wrapped in a ul:li tag. Feedbacks and ideas welcome! For the following example, I created a page login and a template login which contain the following code : <?php namespace ProcessWire; if(!$user->isLoggedin()) { $options = array( 'buttonClass' => 'my_button_class', 'buttonValue' => 'Login with {provider}', // {{provider}} keyword 'prependMarkup' => '<div class="wrapper">', 'appendMarkup' => '</div>' ); $redirectUri = str_lreplace('//', '/', $config->urls->httpRoot . $page->url); $content = $modules->get('Oauth2Login')->config( array( 'redirect_uri' => $redirectUri, 'success_uri' => $page->url ) )->render($options); } The custom function lstr_replace() : /* * replace the last occurence of $search by $replace in $subject */ function str_lreplace($search, $replace, $subject) { return preg_replace('~(.*)' . preg_quote($search, '~') . '~', '$1' . $replace, $subject, 1); } Screenshot
  7. If I have two PW sites that sit in separate folders, I can't be logged-in in both sites. e.g. site.com/project-a/pw-admin-slug/ site.com/project-b/pw-admin-slug/ If I login to project-a, then also login to project-b, get back to the first site, I have to login again. Is the cookie / session mechanism storing my domain? If it does, and it's meant to be some sort of security enhancement, it should not check my domain, but root-URL of the PW-installation. (strangely, this doesn't happen on localhost) Is it possible to prevent that behavior? Often I have two sites open (e.g. check to see if I have the same CKEditor setup and quickly copy and paste it, or copy a user-role)
  8. Hello, just installed and the link "login to admin" takes me to a blank page. the url is processwire/processwire but there is not processwire directory inside the processwire directory. What is this supposed to be pointing to?
  9. Sure this has been asked a million times but cant find a simple answer. Trying to set the page to redirect to after login in the front end - i.e. not on the admin login page. some reason this works for super users but not normal users redirecting to a page which is viewable by members not guest role users. $showLoginError = false; if($input->post->user && $input->post->pass) { $username = $sanitizer->username($input->post->user); $pass = $input->post->pass; try { $session->login($username, $pass); // redirect user $session->redirect("/events/"); } catch (\Exception $e) { $showLoginError = true; } }
  10. I'm using the LoginRegister module and I'm getting an internal server error when I try to login with a wrong password more than one time. I've found that the error comes from the SessionLoginThrottle.module, because, for security reasons, is better to prevent too many failed logins. Ok, good. But, am I wrong if I think it's too bad to show an Internal server error to the user instead of a simple error in template saying the user to wait X seconds to retry to login? Is there a way to do that? It would be great if I could get the error string and style it in the page the way I like. And in the SessionLoginThrottle admin configuration, I think that could be a good idea to be able to change the maximum number of login attempts before the error is shown.
  11. I have a site built with a user role 'member' that can view some extra 'member area' pages. I have a user with the role 'editor' that has been given 'user-admin' permission who can successfully generate new users. However, when they try to add / change a 'member' role password to a 'member' role they get the error: Unable to generate password hash Does anyone know how to assign the 'editor' role the permission to generate a password for other user types? Thanks!
  12. I have my own register-login-profile/account page system. I know that Ryan recently released an official module for this, but there may be an advantage to having my own custom solution. Anyway, it seems to work well. But, I have been getting annoying Russian hack attempt accounts, mostly as 'guests' that don't bother to use the activation link. Most if not all of these accounts have this in the name field: No Subscription Detected Not Recognized ...which makes them relatively easy to filter out from real name accounts. Where do these "strings" come from? I can't find them in Processwire's source. Are the hackers using some kind of tool that inserts these for some reason? Or is it a PHP thing? Does anyone recognize them? Does it mean they are using some kind of backdoor instead of the registration form? In general, what are the best practices to secure my registration form, prevent spam accounts, etc.? I'll start with adding a check to block IP addresses that try to register with 'Not Recognized' etc. in the name field I guess.
  13. Having problems with the new Login/Register module and hoping someone can help. Desired result: Guest lands on site (or later specific page) and is redirected to the Login page. The user’s landing page is saved to a session and once logged-in, is redirected back to the original landing page What’s happening: Guest lands on any page on the site and is redirected to the Login page Guest enters credentials, hits submit, then sometimes a variety of error messages get written to the logs including sessionCSRF and MYSQL errors. Guest user is presented with the Internal Server Error. Regardless, guest is not logged in Scenario: Using PW 3.0.76 and PHP 5.6 User account created manually in admin with login-register privilege User is my old mate: Username: fred Email: fred@flintstone.com Password: 1234test. Site is configured to use delayed output with Regions & Functions API In _init.php I have: <?php namespace ProcessWire; if(!$user->isLoggedin() && $page->id!=1193) { // not for login page $session->set('returnPage', $page->url); $session->redirect('/login/'); die; } In login.php template: <?php namespace ProcessWire; if($user->isLoggedin() && !$input->get('profile') && !$input->get('logout')) { // login and go back to the previous page or go to the home page $goToUrl = $session->returnPage ? $session->returnPage : '/'; $session->redirect($goToUrl); } else { // let the LoginRegister module have control $content = $modules->get('LoginRegister')->execute(); } ?> <div id="regContent"> <div class="content-wrap"> <div class="container clearfix"> <region id="regPostContent"> <!-- Post Content ============================================= --> <div class="postcontent nobottommargin clearfix col_three_fourth"> <?=$content?> </div><!-- .postcontent end --> </region><!--#regPostContent--> </div> </div> </div><!-- #content end --> What am I doing wrong? Why can’t Fred login? Any help to resolve much appreciated. TIA Psy PS: Tried to use TracyDebugger to see what was happening but got js errors. Just not my day. Uninstalled TD and no errors
  14. Sorry folks if this is obvious to most and I missed something in the docs or here in the forum, but, I have cheerfully used code such as: if($user->isLoggedin()) { echo " loggedIn"; } else { echo " notLoggedIn"; } in PW 2.x sites. Now on a v3 site I am finding even the most basic test to see if the viewer is logged in or `isSuperuser()` is not giving an error but simply doing nothing - not evaluating. For example, the top of a typical template reads: <?php namespace ProcessWire; if($user->isLoggedin()) { echo " loggedIn"; } else { echo " notLoggedIn"; } I have `debug` turned on. Is there something obvious I have missed, perhaps a step required for v3 that's not required for v2 to allow access to $user data? Thanks for any pointers.
  15. Hi. I have a membersite that sends out emails to users with links to specific pages. When the user clicks on the link in the mail and the browser opens the site, the user is redirected to the login page. However, I would like for the user to be redirected back to the page they opened from their mail. I don't see how this can be done in Processwire. I have a template and in the Access settings, I have chosen to redirect to the login page. There is on tag that I can include with {id}, but that returns the ID of the login page. I would like to have a tag that returns the ID of the original page the user has opened. Maybe a tag called {id_original} could be a way to solve it. Is there some other way I can filter the redirect process?
  16. Noel Boss

    This module hooks into the login method to provide the possibility to login with the user's email address. This is my first module and it's very simple. Please provide feedback if you have any suggestions. Thanks The module can be found in the module repository: https://modules.processwire.com/modules/login-with-email/ or on github: https://github.com/noelboss/LoginWithEmail
  17. I hope this is the correct place to post this. I currently am building a "dashboard" that displays some stats etc, but also handles login/logout with a form. Currently, when a user uses the form on the homepage, they redirected (if the credentials are correct) to the backend of processwire. However, I was hoping to direct the user back to the dashboard and display an alert (for now until I get a library to handle this). I got it somewhat working if I dont redirect the user. However, if I refresh the page, the alert still "pops up". Does anyone know of a way to redirect to the home page, but then display an alert? My Code to login: <?php if($input->post->user && $input->post->pass) { $user = $sanitizer->username($input->post->user); $pass = $input->post->pass; if($session->login($user, $pass)) { // login successful $session->redirect($dash); } } ?>
  18. How to track user active time based on session login and logout. Basically, I want to get the report that each user login time and logout time/session inactivity time. Is there any module available or we can use any hooks to simulate the above. Thanks in advance for your support.
  19. Hi all, Im working on a photography website where users can comment and like on photos (which are pages). I solved the comment part with the comment module, but I also want a 'like' system. Which includes; - Like a photo. Like count on the photo adds up. - If user has a few favourite photos, i would like a 'Favourites' section on the user profile page, with all of the liked photos. - Apart from the likes, i would like to have a page 'Most liked photos of this week', so each week the community can see the photos with the most likes that week. I came across the Like plug-in, but i would like to have a little more tailored solution and keep it to logged-in users only and be able to see all of the liked photos of a user. Any idea how to keep track of the likes and build a 'Most liked this week' page? Help would be appreciated! Thnx.
  20. In a PW file, I successfully login a $user using $session->login(). I later redirect to a different PHP file. It's not a PW template file so I do the appropriate include("/path/to/processwire/index.php"); But then I try to get the logged in $user->name and it always gives me 'guest'. And if I set a $session value at login, in the redirected file my values are lost. I am new to PW so I am surprised. What am I missing? Thx
  21. Hi all guys! I've a BIG problem here and hope you can help me to solve it. Suddenly yesterday my PW installation stopped letting me to log in. I can access the front-end, but each time i try to log into the back-end it gives me "This request was aborted because it appears to be forged." I already have searched into the forum and tried every possible solution, without any result In order: site/config.php is readable site/assets/{cache,logs,sessions} is present and 0755 (and setting them to 0777 doesn't make any difference) tried to backup site/assets/sessions directory and make another new empty one nothing is changed with user:group permissions setting $protectCSRF, $sessionChallenge, and $sessionFingerprint to false the error disappears but the login page still remains making the sessions table empty doesn't make any difference enabled/disabled the www. redirection in .htaccess, just in case but nothing enabled $debug and no error removed cookies restarted the server Anybody has an idea?
  22. Have set up a front-end registration form and it all seems fine but rather than giving them a link to "Click here to login!", I'd like to log them in automatically. I was thinking that as the login takes place after the new user has been saved that it ought to work but it doesn"t seem to be working at the moment. Is this even achievable without a page reload? Here is my code currently: <?php include("./header.inc"); $headings = " <div id='register'> <div class='row'> <div class='twelve columns'> <h3>Register with us</h3>"; $form="<form action='./' id='registration' method='post'> <div class='row'> <div class='four columns'> <label for='username'>Username</label> <p class='help'>Please ensure your username contains no spaces</p> <input type='text' name='username' value='{$input->post->username}'> <label for='first_name'>First name</label> <input type='text' name='first_name' value='{$input->post->first_name}'> <label for='last_name'>Last name</label> <input type='text' name='last_name' value='{$input->post->last_name}'> <label for='email'>Email address</label> <input type='text' name='email' value='{$input->post->email}'> </div> <!-- /.four columns --> <div class='four columns'> <label for='company_name'>Company name</label> <input type='text' name='company_name' value='{$input->post->company_name}'> <label for='company_url'>Company URL</label> <input type='text' name='company_url' value='{$input->post->company_url}'> <label for='company_phone'>Company phone</label> <input type='text' name='company_phone' value='{$input->post->company_phone}'> </div> <!-- /.four columns --> <div class='four columns'> <label for='pass'>Password</label> <p class='help'>Please ensure your password is at least 6 characters long and contains at least one digit and one letter</p> <input type='password' name='pass' value='{$input->post->pass}'> <label for='pass_confirm'>Confirm password</label> <input type='password' name='pass_confirm' value='{$input->post->pass_confirm}'> </div> <!-- /.four columns --> </div> <!-- /.row --> <input class='button success small' type='submit' name='submit_registration' id='submit'> </form>"; $message = "Please fill in the form below if you would like to register in order to receive exclusive access to our brochures and latest information."; $usernames = array(); foreach ($users as $u) { $usernames[] = $u->name; } if($input->post->submit_registration) { if (empty($input->post->username) || empty($input->post->email) || empty($input->post->pass)) { $message = "Please fill out all fields marked with a *"; echo $headings; echo "<h5 class='error'>$message</h5>"; echo $form; } elseif (in_array($input->post->username, $usernames)) { $message = "Sorry, that username is already taken, please choose another."; echo $headings; echo "<h5 class='error'>$message</h5>"; echo $form; } elseif (filter_var($input->post->email, FILTER_VALIDATE_EMAIL) === FALSE) { $message = "Please include a valid email address"; echo $headings; echo "<h5 class='error'>$message</h5>"; echo $form; } elseif (!preg_match("/[0-9]/", $input->post->pass) || strlen($input->post->pass) < 6) { $message = "Please ensure your password has at least one digit and is at least 6 characters long"; echo $headings; echo "<h5 class='error'>$message</h5>"; echo $form; } elseif($input->post->pass !== $input->post->pass_confirm) { $message = "Please ensure that your passwords match"; echo $headings; echo "<h5 class='error'>$message</h5>"; echo $form; } else { echo $headings; $message = "Congratulations! You have successfully registered and have been logged in"; echo "<h5 class='success'>$message</h5>"; $u = new User(); $u->of(false); $u->name = $sanitizer->username($input->post->username); $u->first_name = $sanitizer->text($input->post->first_name); $u->last_name = $sanitizer->text($input->post->last_name); $u->company_name = $sanitizer->text($input->post->company_name); $u->company_url = $sanitizer->url($input->post->company_url); $u->company_phone = $sanitizer->text($input->post->company_phone); $u->email = $sanitizer->email($input->post->email); $u->pass = $sanitizer->text($input->post->pass); $u->addRole('registered'); $u->save(); $u->of(true); require_once("./scripts/PHPMailer/class.phpmailer.php"); $form_contents = array( 'username' => $sanitizer->username($page->username), 'First name' => $sanitizer->text($input->post->first_name), 'Last name' => $sanitizer->text($input->post->last_name), 'Company name' => $sanitizer->text($input->post->company_name), 'Company URL' => $sanitizer->url($input->post->company_url), 'email' => $sanitizer->email($input->post->email), 'Phone Number' => $sanitizer->text($input->post->company_phone), ); $to_name = "My company"; $to = "me@me.com"; $subject = "New registered user"; $form_message = ""; foreach ($form_contents as $key => $value) { $form_message .= "$key: $value\n"; } $from = "$form_contents[email]"; $from_name = "$form_contents[username]"; $mail = new PHPMailer(); $mail->CharSet = 'UTF-8'; $mail->FromName = "$from_name"; $mail->From = "$from"; $mail->AddAddress ($to, $to_name); $mail->Subject = "$subject"; $mail->Body = "$form_message"; $mail->Send(); $name = $u->name; $pass = $u->pass; if ($session->login($name, $pass)) { $session->redirect("../"); } } } elseif ($user->isLoggedin()) { echo $headings; echo "<h5>No need to register " . $user->get('first_name|name') . ", you are already are! <a href='{$config->urls->root}'>Click here</a> if you would like to return to the homepage.</h5>"; } else { echo $headings; echo "<h5>$message</h5>"; echo $form; } ?> </div> <!-- /.twelve columns --> </div> <!-- /.row --> </div> <!-- /#register --> <?php ?> <?php include("./footer.inc"); Thanks.
  23. Hello Community, I have read that I get no support on GitHub. For this reason I am here for the second time. The thing is that I enabled a fresh Processwire installation and under https://processwire.wpzweinull.ch/processwire no page is found. The admin login is thus not possible. How can I fix the problem? Thanks in advance, Alexander
  24. GKrabach

    Greetings PW community - I've got a site that I inherited, but brought it down to a local dev server (Ubuntu) in order to make changes before pushing those to the live version. I have the database connection setup and content displays as expected however I can't login. Environment info: ProcessWire 3.0.33 PHP 7 MySQL Ubuntu server Admin url changed (to clients name ) Initial scenario: I can access the admin login page just fine, however when I was submitting the request I was receiving the CSRF login error ("This request was aborted because it appears to be forged"), so I went and found the login troubleshooting guide: https://processwire.com/docs/tutorials/troubleshooting-guide/page2. I took the following steps to debug: Verified that there is enough space left on HD to create the session file. Verified that the /site/assets/ subfolders exist and set permissions to 777 for testing Verified config.php is set to at least 644 (it is 777 now on my dev box for testing purposes) Disabled CSRF, session fingerprinting & session challenge in config.php I have installed an original copy of ProcessWire 3.0.33's index.php After this, I stopped getting the forged attempt error, but now it was processing the login form submission and coming back to the login page w/o any errors or success message. So I enabled some logging: Enabled debug in config.php (not receiving any on screen errors) Tailed apache error logs Through tailing the logs I found that it was having an issue with sendmail (trying to use it, but sendmail wasn't installed). So I installed sendmail and configured it. Now it takes forever (approx. 4.5 minutes) to processes, and I'm not receiving any errors in the apache logs, and no errors are reported on screen when it finally completes/timesout.
  25. quick question, can the $username in login() be email OR username, or anything else?